powered by Jive Software

Omemo key management Problems

Hi there!
We have frequent problems with omemo in a way that the msges get encrypted for a wrong device.
“The massage wasnt encrypted for this device.”, which often leads to lost messages because one is never able to find the right device. The openfire server installation is very old and has been upgraded since version 3 of openfire. So please take into account that there might have been bugs in the past that messed things up.
Clients are mostly conversations and gajim.
We picked an example conversation we had today where we got those messages.
User a and user b.
User a sends an encrypted message to user b and the other way around. user a and b both receive the message that the message has been encrypted for a different device.
When user b looks into the contact details he sees an omemo fingerprint that user a sees under “other devices” in conversations. However user b’s active key (fingerprint) isnt visible in the contact details.
And its like that the other way around.
I am wondering what going wrong here?
I run openfire 4.6.6 on linux, with ad(ldap)-integration.
When i did take a look at user b’s pubsub nodes.
there are 18 (!) eu.siacs.conversations.axolotl.bundles in there and 1 eu.siacs.conversations.axolotl.devicelist.
Is it a good idea to get rid of ALL eu.siacs.conversations.axolotl* entries to start over fresh?
This is very annoying as it makes one loose messages VERY frequently.
Thanks for your help in advance!

As far as I know, OMEMO doesn’t need any specific server support, apart from Pubsub/PEP. If the problem isn’t in the clients, then it stands to reason that there’s a bug in Openfire’s Pubsub/PEP implementation - but I can’t deduce from this what that would be. Can you consistently reproduce the problem?

Hi there!
I deleted all the eu.siacs.conversations.axolotl.* entries for both users. After that omemo started to work again. Just FYI.
Thanks guus!